This is the most prevalent and most dangerous of web application vulnerabilities. Having this SQLi vulnerability in the application, an attacker may cause severe damage such as bypassing logins, retrieving sensitive information, modifying, deleting data. Sometimes this costs life when it comes to Healthcare, Banking domains. Okay introduction apart, the objective of this article is to exploit and read some sensitive data from the database. If you don’t know what exactly is this SQLi then read my other article which may throw some light. I am splitting the subject into two parts, having everything in one might throw you out of interest.

Identifying the vulnerable site!

I tried the most basic check for SQL vulnerability by inserting an apostrophe (‘) in the username field and leaving the password field empty and trying to login, after a few attempts this website gave me an SQL error which looked something like this.

Finding Columns Using Order By or Group By

The SQL ORDER BY clause is used to sort the data in ascending or descending order, based on one or more columns. Some databases sort the query results in an ascending order by default.

Group By Clause in My SQL

The SQL GROUP BY clause is used in collaboration with the SELECT statement to arrange identical data into groups. This GROUP BY clause follows the WHERE clause in a SELECT statement and precedes the ORDER BY clause.